[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-41819":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":81,"aliases":91,"duplicate_of":9,"upstream":92,"downstream":93,"duplicates":152,"related":153,"reserved_at":9,"published_at":163,"modified_at":164,"state":165,"summary":166,"references_raw":174,"kevs":203,"epss":204,"epss_history":207,"metrics":468,"affected":480},"CVE-2021-41819","CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-565","Reliance on Cookies without Validation and Integrity Checking","The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.","weakness","Incomplete","Base",[19,23,77],{"id":20,"name":21,"techniques":22},"CAPEC-226","Session Credential Falsification through Manipulation",[],{"id":24,"name":25,"techniques":26},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[27],{"id":28,"name":29,"tactics":30,"countermeasures":34},"T1539","Steal Web Session Cookie",[31],{"id":32,"name":33},"TA0031","Credential Access",[35,40,45,49,54,59,63,67,72],{"id":36,"name":37,"tactic":38},"D3-CCSA","Credential Compromise Scope Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-CR","Credential Revocation",{"name":44},"Evict",{"id":46,"name":47,"tactic":48},"D3-ANCI","Authentication Cache Invalidation",{"name":44},{"id":50,"name":51,"tactic":52},"D3-DUC","Decoy User Credential",{"name":53},"Deceive",{"id":55,"name":56,"tactic":57},"D3-CH","Credential Hardening",{"name":58},"Harden",{"id":60,"name":61,"tactic":62},"D3-MFA","Multi-factor Authentication",{"name":58},{"id":64,"name":65,"tactic":66},"D3-CRO","Credential Rotation",{"name":58},{"id":68,"name":69,"tactic":70},"D3-RIC","Reissue Credential",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CTS","Credential Transmission Scoping",{"name":76},"Isolate",{"id":78,"name":79,"techniques":80},"CAPEC-39","Manipulating Opaque Client-based Data Tokens",[],[82],{"_key":83,"name":84,"source":85,"url":86,"maturity":87,"reliability_score":88,"verified":89,"type":9,"platforms":90,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_B98E53079D08BF48","Exploit Reference (ruby-lang.org)","reference","https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/","unknown",0.2,false,[],[],[],[94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150],{"_key":95},"ALPINE-CVE-2021-41819",{"_key":97},"SUSE-SU-2022:3292-1",{"_key":99},"OPENSUSE-SU-2024:11657-1",{"_key":101},"OPENSUSE-SU-2024:11658-1",{"_key":103},"OPENSUSE-SU-2024:11786-1",{"_key":105},"OPENSUSE-SU-2024:12712-1",{"_key":107},"OPENSUSE-SU-2024:13623-1",{"_key":109},"OPENSUSE-SU-2025:14621-1",{"_key":111},"OPENSUSE-SU-2025:15819-1",{"_key":113},"DLA-2853-1",{"_key":115},"DSA-5066-1",{"_key":117},"DSA-5067-1",{"_key":119},"MGASA-2021-0579",{"_key":121},"UBUNTU-CVE-2021-41819",{"_key":123},"DEBIAN-CVE-2021-41819",{"_key":125},"RHSA-2022:0543",{"_key":127},"RHSA-2022:0544",{"_key":129},"RHSA-2022:0581",{"_key":131},"RHSA-2022:0582",{"_key":133},"RHSA-2022:0708",{"_key":135},"RHSA-2022:5779",{"_key":137},"RHSA-2022:6447",{"_key":139},"RHSA-2022:6450",{"_key":141},"RHSA-2022:6855",{"_key":143},"RHSA-2022:6856",{"_key":145},"USN-5235-1",{"_key":147},"RHSA-2026:7305",{"_key":149},"RHSA-2026:7307",{"_key":151},"RHSA-2026:8838",[],[154,155,156,157,158,159,160,161,162],{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},{"_key":109},{"_key":111},{"_key":119},"2022-01-01T00:00:00.000Z","2025-05-22T15:00:52.998Z","Modified",{"cisa_kev":89,"cisa_ransomware":89,"cisa_vendor":9,"epss_severity":167,"epss_score":168,"severity":169,"severity_score":170,"severity_version":171,"severity_source":172,"severity_vector":173,"severity_status":165},"low",0.00765,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",[175,182,187,191,195,199],{"url":176,"sources":177,"tags":179},"https://hackerone.com/reports/910552",[172,178],"nvd",[180,181],"Permissions Required","Third Party Advisory",{"url":86,"sources":183,"tags":184},[172,178],[185,186],"Exploit","Vendor Advisory",{"url":188,"sources":189,"tags":190},"https://security.netapp.com/advisory/ntap-20220121-0003/",[172,178],[181],{"url":192,"sources":193,"tags":194},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/",[172,178],[186],{"url":196,"sources":197,"tags":198},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/",[172,178],[186],{"url":200,"sources":201,"tags":202},"https://security.gentoo.org/glsa/202401-27",[172,178],[186],[],{"date":205,"score":168,"percentile":206},"2026-06-04",0.73806,[208,212,215,218,221,224,227,230,233,235,238,241,244,246,249,253,256,259,262,265,268,270,272,274,277,280,283,285,289,292,295,298,301,304,306,308,311,314,317,320,323,326,328,331,334,337,340,343,346,349,351,354,357,360,364,367,370,373,376,379,382,385,388,391,394,397,400,403,406,409,411,414,416,419,422,425,428,431,433,436,438,441,444,447,450,453,455,458,462,465],{"date":209,"score":210,"percentile":211},"2025-11-04",0.00881,0.74628,{"date":213,"score":210,"percentile":214},"2025-11-05",0.74619,{"date":216,"score":210,"percentile":217},"2025-11-06",0.74618,{"date":219,"score":210,"percentile":220},"2025-11-07",0.74635,{"date":222,"score":210,"percentile":223},"2025-11-08",0.74634,{"date":225,"score":210,"percentile":226},"2025-11-09",0.74629,{"date":228,"score":210,"percentile":229},"2025-11-10",0.74614,{"date":231,"score":210,"percentile":232},"2025-11-11",0.74616,{"date":234,"score":210,"percentile":220},"2025-11-12",{"date":236,"score":210,"percentile":237},"2025-11-13",0.74642,{"date":239,"score":210,"percentile":240},"2025-11-14",0.74646,{"date":242,"score":210,"percentile":243},"2025-11-15",0.74643,{"date":245,"score":210,"percentile":237},"2025-11-16",{"date":247,"score":210,"percentile":248},"2025-11-17",0.74633,{"date":250,"score":251,"percentile":252},"2025-11-18",0.00964,0.74586,{"date":254,"score":251,"percentile":255},"2025-11-19",0.74593,{"date":257,"score":251,"percentile":258},"2025-11-20",0.74602,{"date":260,"score":210,"percentile":261},"2025-11-21",0.74658,{"date":263,"score":210,"percentile":264},"2025-11-22",0.74651,{"date":266,"score":210,"percentile":267},"2025-11-23",0.74638,{"date":269,"score":210,"percentile":248},"2025-11-24",{"date":271,"score":210,"percentile":220},"2025-11-25",{"date":273,"score":210,"percentile":237},"2025-11-26",{"date":275,"score":210,"percentile":276},"2025-11-27",0.74644,{"date":278,"score":210,"percentile":279},"2025-11-28",0.74632,{"date":281,"score":210,"percentile":282},"2025-11-29",0.74631,{"date":284,"score":210,"percentile":282},"2025-11-30",{"date":286,"score":287,"percentile":288},"2025-12-01",0.00454,0.63152,{"date":290,"score":287,"percentile":291},"2025-12-02",0.63167,{"date":293,"score":287,"percentile":294},"2025-12-03",0.63172,{"date":296,"score":210,"percentile":297},"2025-12-04",0.74627,{"date":299,"score":210,"percentile":300},"2025-12-05",0.74637,{"date":302,"score":210,"percentile":303},"2025-12-06",0.7464,{"date":305,"score":210,"percentile":300},"2025-12-07",{"date":307,"score":210,"percentile":303},"2025-12-08",{"date":309,"score":210,"percentile":310},"2025-12-09",0.74671,{"date":312,"score":210,"percentile":313},"2025-12-10",0.74697,{"date":315,"score":210,"percentile":316},"2025-12-11",0.74712,{"date":318,"score":210,"percentile":319},"2025-12-12",0.74735,{"date":321,"score":210,"percentile":322},"2025-12-13",0.74743,{"date":324,"score":210,"percentile":325},"2025-12-14",0.74741,{"date":327,"score":210,"percentile":322},"2025-12-15",{"date":329,"score":210,"percentile":330},"2025-12-16",0.74756,{"date":332,"score":210,"percentile":333},"2025-12-17",0.74766,{"date":335,"score":210,"percentile":336},"2025-12-18",0.74788,{"date":338,"score":210,"percentile":339},"2025-12-19",0.74805,{"date":341,"score":210,"percentile":342},"2025-12-20",0.74801,{"date":344,"score":210,"percentile":345},"2025-12-21",0.74794,{"date":347,"score":210,"percentile":348},"2025-12-22",0.74793,{"date":350,"score":210,"percentile":336},"2025-12-23",{"date":352,"score":210,"percentile":353},"2025-12-24",0.74798,{"date":355,"score":210,"percentile":356},"2025-12-25",0.74823,{"date":358,"score":210,"percentile":359},"2025-12-26",0.74821,{"date":361,"score":362,"percentile":363},"2025-12-27",0.00566,0.67853,{"date":365,"score":210,"percentile":366},"2025-12-28",0.74802,{"date":368,"score":210,"percentile":369},"2025-12-29",0.74799,{"date":371,"score":210,"percentile":372},"2025-12-30",0.74814,{"date":374,"score":210,"percentile":375},"2025-12-31",0.74834,{"date":377,"score":287,"percentile":378},"2026-01-01",0.6343,{"date":380,"score":287,"percentile":381},"2026-01-02",0.63413,{"date":383,"score":287,"percentile":384},"2026-01-03",0.63411,{"date":386,"score":210,"percentile":387},"2026-01-04",0.74846,{"date":389,"score":210,"percentile":390},"2026-01-05",0.74839,{"date":392,"score":210,"percentile":393},"2026-01-06",0.74853,{"date":395,"score":210,"percentile":396},"2026-01-07",0.74863,{"date":398,"score":210,"percentile":399},"2026-01-08",0.74876,{"date":401,"score":210,"percentile":402},"2026-01-09",0.7488,{"date":404,"score":210,"percentile":405},"2026-01-10",0.74878,{"date":407,"score":210,"percentile":408},"2026-01-11",0.74866,{"date":410,"score":210,"percentile":393},"2026-01-12",{"date":412,"score":210,"percentile":413},"2026-01-13",0.74852,{"date":415,"score":210,"percentile":405},"2026-01-14",{"date":417,"score":210,"percentile":418},"2026-01-15",0.74887,{"date":420,"score":210,"percentile":421},"2026-01-16",0.74901,{"date":423,"score":210,"percentile":424},"2026-01-17",0.74899,{"date":426,"score":210,"percentile":427},"2026-01-18",0.74881,{"date":429,"score":210,"percentile":430},"2026-01-19",0.74872,{"date":432,"score":210,"percentile":399},"2026-01-20",{"date":434,"score":210,"percentile":435},"2026-01-21",0.74882,{"date":437,"score":210,"percentile":418},"2026-01-22",{"date":439,"score":210,"percentile":440},"2026-01-23",0.74914,{"date":442,"score":210,"percentile":443},"2026-01-24",0.74922,{"date":445,"score":210,"percentile":446},"2026-01-25",0.74907,{"date":448,"score":210,"percentile":449},"2026-01-26",0.74906,{"date":451,"score":210,"percentile":452},"2026-01-27",0.74915,{"date":454,"score":210,"percentile":443},"2026-01-28",{"date":456,"score":210,"percentile":457},"2026-01-29",0.74918,{"date":459,"score":460,"percentile":461},"2026-01-30",0.00686,0.71213,{"date":463,"score":460,"percentile":464},"2026-01-31",0.71215,{"date":466,"score":287,"percentile":467},"2026-02-01",0.63457,[469,474],{"source":172,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":170,"baseSeverity":471,"vectorString":173,"impactScore":472,"exploitabilityScore":473},"HIGH",6,10,{"source":178,"cvss_v2_0":475,"cvss_v3_0":9,"cvss_v3_1":479,"cvss_v4_0":9},{"baseScore":476,"baseSeverity":9,"vectorString":477,"impactScore":478,"exploitabilityScore":473},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,{"baseScore":170,"baseSeverity":471,"vectorString":173,"impactScore":472,"exploitabilityScore":473},[481,494,502,510,515,522,527,537,554],{"ecosystem":9,"name":482,"vendor":483,"product":484,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":486},"debian linux","debian","debian_linux","o",[487,490,492],{"version":488,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"version":491,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"version":493,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":495,"vendor":496,"product":495,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":497},"fedora","fedoraproject",[498,500],{"version":499,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34",{"version":501,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"ecosystem":9,"name":503,"vendor":504,"product":505,"cpe_part":506,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":507},"Factory","opensuse","factory","a",[508],{"version":509,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":511,"vendor":504,"product":511,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":512},"leap",[513],{"version":514,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.2",{"ecosystem":9,"name":516,"vendor":517,"product":518,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":519},"enterprise linux","redhat","enterprise_linux",[520],{"version":521,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":523,"vendor":517,"product":524,"cpe_part":506,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":525},"software collections","software_collections",[526],{"version":509,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":528,"vendor":529,"product":528,"cpe_part":506,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"cgi","ruby-lang",[531,533,535],{"version":532,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"0.1.0",{"version":534,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"0.2.0",{"version":536,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"0.3.0",{"ecosystem":9,"name":538,"vendor":529,"product":538,"cpe_part":506,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"ruby",[540,545,550],{"version":541,"is_range":542,"range_type":489,"version_start":9,"version_start_type":9,"version_end":543,"version_end_type":544,"fixed_in":9},"lte2.6.8",true,"2.6.8","including",{"version":546,"is_range":542,"range_type":489,"version_start":547,"version_start_type":544,"version_end":548,"version_end_type":549,"fixed_in":9},"gte2.7.0_lt2.7.5","2.7.0","2.7.5","excluding",{"version":551,"is_range":542,"range_type":489,"version_start":552,"version_start_type":544,"version_end":553,"version_end_type":549,"fixed_in":9},"gte3.0.0_lt3.0.3","3.0.0","3.0.3",{"ecosystem":9,"name":555,"vendor":556,"product":557,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":558},"linux enterprise","suse","linux_enterprise",[559,561,563],{"version":560,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0:sp1",{"version":562,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"version":564,"is_range":89,"range_type":489,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0"]